The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...

Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.
The Hacker News

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

Panel patched three vulnerabilities, including two 8.8 CVSS flaws, reducing risks of code execution and privilege escalation.
SecurityWeek

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

Over 40,000 servers have likely been compromised in ongoing attacks targeted at a recently patched cPanel zero-day.

New cPanel patch addresses CRLF injection flaw that could grant root server access

The vulnerability has been given a severity score of 9,8, and administrators should patch immediately.

Hackers are mass-exploiting the cPanel bug to gain control of thousands of websites

Days after the disclosure of a critical vulnerability in popular web hosting software cPanel and WHM, hackers keep targeting ...
TechBooky

Hackers Are Exploiting Critical cPanel Bug, Putting Millions of Websites at Risk

Web hosting providers are racing to secure their infrastructure after security researchers disclosed a serious vulnerability in cPanel and WebHost ...